CVE-2005-2943

Name	CVE-2005-2943
Description	Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
Source	CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References	DSA-902-1
NVD severity	high (attack range: remote)
Debian Bugs	333863
Debian/oldstable	not vulnerable.
Debian/stable	not vulnerable.
Debian/testing	not known to be vulnerable.
Debian/unstable	not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
xmail (PTS)	wheezy, squeeze	1.27-1.1	fixed
	sid	1.27-1.2	fixed

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
xmail	source	(unstable)	1.22-1	medium		333863
xmail	source	sarge	1.21-3sarge1	high	DSA-902-1